Search This Blog

Saturday, December 31, 2011

[SECURITY] [DSA 2376-2] ipmitool security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2376-2 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
December 31, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : ipmitool
Vulnerability : insecure pid file
Problem type : local
Debian-specific: no
CVE ID : CVE-2011-4339
Debian Bug : 651917

It was discovered that OpenIPMI, the Intelligent Platform Management
Interface library and tools, used too wide permissions PID file,
which allows local users to kill arbitrary processes by writing to
this file.

The original announcement didn't contain corrections for the Debian
5.0 "lenny" distribution. This update adds packages for lenny.

For the oldstable distribution (lenny), this problem has been fixed in
version 1.8.9-2+squeeze1. (Although the version number contains the
string "squeeze", this is in fact an update for lenny.)

For the stable distribution (squeeze), this problem has been fixed in
version 1.8.11-2+squeeze2.

For the unstable distribution (sid), this problem has been fixed in
version 1.8.11-5.

We recommend that you upgrade your ipmitool packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJO/v4FAAoJEOxfUAG2iX57ZxIH/3VOGKFEqkiYJyAeB96EA9d1
QKwRWxJmc+gsCB4cruNUWihCZpvgUVYHY7sRUqC+z5q5CidCehT6MRc+aBtbq0CI
mroBMkTfMl135wYXtEabThDx/gHY+gKgzkqnalPEDAAsY6hMi3YGHeB7VXFClH/c
mManIlimI9qbvBM/FvLCx0e43oBzNgdgbyhZpZO22CugMXwGQjZNfvAE+hfW2n25
fScxAtJTKcg9Wp2buuE7HYvn0dh9m/y8uw/mFwIYr7DLvwWRAcA+NdvCY4o863KT
0eJuPtK685CLFRwKGBKzuBflUBtb7fTpg2hW4GhhHQUF0aHz6Vz0Cpgf715I/bA=
=xZPT
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20111231122117.DCE4559DF0@kinkhorst.com

Friday, December 30, 2011

Friday Roundup: Application Monitoring, Mobile Device Security, Storage Virtualization, Private Cloud Computing, and Server Protection

This message is brought to you as a valued IDG Connect subscriber.

Application Monitoring, Mobile Device Security, Storage Virtualization, Private Cloud Computing, and Server Protection.


Unsubscribe

Welcome to the last edition of the VoicesOn Newsletter this year. This week, we bring you white papers on Application Monitoring, Mobile Device Security, Storage Virtualization, Private Cloud Computing, and Server Protection.

Augmenting Server Monitoring with Application Performance Monitoring
Application monitoring needs to provide a total perspective of how network, server, and storage performance affect application performance. This guide illustrates how a comprehensive monitoring solution simplifies complex application monitoring with an integrated approach.

A Window into Mobile Device Security
The mass-adoption of both consumer and managed mobile devices in the enterprise has increased employee productivity but has also exposed the enterprise to new security risks. The latest mobile plat­forms were designed to build security features directly into the operating sys­tem to limit attacks from the outset. This white paper discusses the impact of these security approaches as well as how mobile devices may affect network security.

Real solutions. Real results. Customers speak on HP Storage Virtualization solutions.
Data volume is rapidly increasing for IT organizations around the world. According to IDC, unstructured data is growing at 62% per year. This interactive document sponsored by HP + Intel outlines storage solutions available today and reveals customer opinions. See case studies and success stories, and discover how a Converged Infrastructure could benefit your organization.

IBM System x Hyper-V Private Cloud Solution
Midsized businesses looking to benefit from the promise of private cloud computing should consider the IBM System x Private Cloud Offering, which consists of rack servers, storage and networking. Read this solution brief to learn about this reliable, high-performance and ready-to-use computing solution for data centers.

Free Trial: Protect Your Business from Slowdowns that Negatively Impact Productivity
ESET NOD32 Antivirus 4, ESET's Business Solution offers complete server-to-endpoint protection. Request a free trial today.

 

Thank you,
VoicesOn

__________________________________________________________________________
Forward this to a Friend >>>
__________________________________________________________________________
To unsubscribe from future Voiceson emails, please click here.

View our Privacy Policy.

You are receiving this email from IDG as a subscriber to one of the IDG brands:
CIO | Computerworld | CSO | GamePro | Games.net | Industry Standard | Infoworld | ITworld | JavaWorld | LinuxWorld | Macworld | Network World | DEMO | IDG Connect | IDG Knowledge Hub | IDG Tech Network | IDG World Expo

Copyright 2011 | VoicesOn - IDG Connect, 492 Old Connecticut Path, Framingham, MA 01701. http://www.voiceson.com

Security Management Weekly - December 30, 2011

header

  Learn more! ->   sm professional  

December 30, 2011
 
 
Corporate Security
  1. "US Bills on Curbing Online Piracy Face Strong Opposition"
  2. "Melee at Nation's Largest Mall Leads to More Security" Mall of America in Bloomington, Minn.
  3. "4 Types of Workplace Violence-What’s Your Greatest Risk?"
  4. "Employee Theft: The Grinch of a Retailer's Season"
  5. "Stolen Credit Cards Go for $3.50 at Online Bazaar"

Homeland Security
Sponsored By:
  1. "Tensions Rising Over Drone Secrecy"
  2. "New Year's Eve Security Main Focus for NYPD"
  3. "Under Obama, an Emerging Global Apparatus for Drone Killing"
  4. "Deadly Christmas Blasts Spark Outrage in Nigeria"
  5. "Debate Persists on Deadly Flu Made Airborne"

Cyber Security
  1. "Homeland Security Uncovered Anonymous Attack on Public Advocate’s Office"
  2. "Wi-Fi 'Protected Set-Up' Not So Protected After All"
  3. "'Anonymous' Hackers Target U.S. Security Think Tank"
  4. "Finding the Unique in You to Build a Better Password"
  5. "New Zero-Day Vulnerability in Windows 7 64-Bit May Allow Remote Code Execution"

   

 
 
 

 


US Bills on Curbing Online Piracy Face Strong Opposition
Philippine Star (12/30/11)

Both houses of Congress have proposed bills designed to crack down on online piracy: the Protect Intellectual Property Act (PIPA) in the Senate and the Stop Online Piracy Act (SOPA) in the House. Under SOPA, sites believed to be trafficking in pirated goods could be cut from search engines and deleted from servers. Advertising on such sites would also be prohibited, and those streaming copyrighted material could face up to five years in jail. Critics of the SOPA bill worry that it would ban proxy servers that hide Internet identities and locations and set a wider precedent for Internet censorship. They are also concerned that making Internet services responsible for copyright violations, rather than individual abusers, could put businesses such as YouTube, Vimeo, Flickr, Tumblr, Facebook, eBay, and Etsy out of business while actual pirates would find a way to circumvent the bill. Companies supporting the bill now face boycotts from these objectors. For example, GoDaddy lost 37,000 domains as customers in the first two days of a boycott by users transferring their domains to other hosting companies. GoDaddy has since withdrawn is support of the bill that it initially helped create.


Melee at Nation's Largest Mall Leads to More Security
MSNBC (12/27/11)

The Mall of America in Bloomington, Minn., has implemented additional security following a brawl there on Monday. The fight, which involved a group of young adults and children, started in the mall's food court and eventually spread throughout the rest of the building. During the chaos, some shoppers were knocked down and had their purchases stolen from them. Items were stolen from mall kiosks as well. After the fighting broke out, mall officials ordered a lockdown. Stores in the mall responded by shutting their doors in order to give shelter to frightened shoppers. The fights spilled outside of the mall for a brief period of time after police restored order inside the shopping center. Additional security officers were stationed at the mall on Tuesday in response to the violence the day before.


4 Types of Workplace Violence-What’s Your Greatest Risk?
safety.blr.com (12/23/2011)

According to the National Institute for Occupational Safety and Health, workplace violence comes in one of four forms. Some workplaces may be at higher risk of different types of violence than others, making it essential for companies to determine where their exposures lie so they can better mitigate their risks. The first type of violence is criminal intent, where the violence occurs as part of another crime such as robbery, trespassing, or acts of terrorism. Eighty-five percent of all workplace homicides fall into this category. Companies at higher risk of this type of violence are those that handle cash or drugs or who may be targeted by terrorists. The second type of violence is perpetrated by someone with a connection to the business, such as a student, patient, client, or inmate. The healthcare industry has a particularly high risk of this type of violence, as do police officers, prison staff, flight attendants, and teachers. While this category accounts for only 3 percent of workplace homicides, the majority of non-fatal violence is considered Type II. The third type of violence is worker-on-worker, which accounts for 7 percent of homicides in the workplace. All workplaces carry a risk of this type of violence, but that risk can be reduced by conducting criminal background checks. The final type of violence is carried out by someone with a personal relationship to a worker, and it accounts for approximately 5 percent of workplace homicides. This type of violence also occurs in all workplaces, but may be harder to prevent in those that are accessible to the public and/or only have one location.


Employee Theft: The Grinch of a Retailer's Season
PropertyCasualty360 (12/22/11) Linde, Selena J.; Sharkey, Michael T.

Employee theft is common during the holiday season, due to the surge of seasonal employees, increased store traffic and management's attention to keeping stock available. Store owners often try to address this problem by updating their security policies and ensuring their staff members are well trained. But many large retailers forget to tap their fidelity insurance policies. Many of these insurance assets remain untapped because retailers are unaware they had coverage for loss or because they do not understand certain provisions in the policies. Retailers often fail to access their fidelity insurance assets because they fail to file claims properly. But the fidelity insurance policies can be used to cover such things as loss of money, loss of securities, and loss of inventory due to crime. Liabilities covered by the insurance typically fall into two categories: employee dishonesty coverage and money and securities coverage.


Stolen Credit Cards Go for $3.50 at Online Bazaar
Bloomberg (12/20/11) Riley, Michael

In mid-September, a European hacker nicknamed Poxxie broke into the computer network of a U.S. company and allegedly stole 1,400 credit card numbers, the account holders’ names and addresses, and the security code that comes with each card. With little trouble, he sold the numbers for $3.50 each on his own seller’s site, called CVV2s.in. Customers on CVV2s can search for card numbers by bank, card type, credit limit and zip code, loading them into a virtual shopping basket as they go. The site offers the ability to search by bank identification number. CVV2s even has an automated feature that lets clients validate the numbers in real time, to make sure the bank hasn’t canceled the card. Traverse City, Michigan-based Ponemon Institute, which researches data security, estimates that thieves annually steal 8.4 million credit card numbers in the U.S. alone.




Tensions Rising Over Drone Secrecy
Wall Street Journal (12/30/11) Entous, Adam; Gorman, Siobhan

Some lawmakers are calling for increased congressional oversight of the Obama administration's efforts to use drones to kill terrorists. Among the lawmakers who want more oversight of the program are the members of the House and Senate armed services committees. Earlier this month, a bipartisan group of lawmakers inserted language into defense legislation that would require the Pentagon to provide the committees with updates on counterterrorism operations and related activities involving special operations forces every three months. Members of the armed services committees have said that they want more information about the CIA's drone program. Meanwhile, Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) has asked the Justice Department to allow his panel to review a secret memo that made the case for the killing of U.S. citizens overseas. The House and the Senate Intelligence committees currently provide close oversight over the CIA's drone program. The two committees currently receive phone calls notifying them about CIA drone strikes almost immediately after they take place. In addition, congressional staff participate in monthly meetings about the drone program at the CIA's headquarters. Classified congressional briefings or hearings on the drone program are also held at least every three months. Obama administration officials have defended the oversight of the drone programs run by both the CIA and Joint Special Operations Command, saying that they are closely watched by top officials at the two agencies and by members of the White House National Security Council.


New Year's Eve Security Main Focus for NYPD
CNN.com (12/30/11) Lewin, Khara

Security will be tight in New York City on Saturday night as hundreds of thousands of people gather in Times Square to ring in 2012. More than a dozen checkpoints will be put in place at the entrances to Times Square, each of which will be equipped with metal and radiation detectors. Revelers will also be required to submit to bag searches. Backpacks will not be allowed past the security checkpoint. Meanwhile, at least 500 cameras and a number of helicopters equipped with infrared technology will be in place to scan for security threats in the crowd. COBRA teams will also be deployed to a number of locations in order to look for chemical, biological, or radiological threats. Officers on horses will be on hand as well, as will uniformed and plainclothes officers. Dogs will also be used to detect the presence of explosives. Finally, the Joint Operations Center will be open to allow the New York Police Department to coordinate with federal, state, and local agencies.


Under Obama, an Emerging Global Apparatus for Drone Killing
Washington Post (12/28/11) Miller, Greg

President Obama has ramped up the use of armed drones in attacking terrorists since he took office, partly because his decision to end the CIA 's detention program and end transfers to Guantanamo Bay left him with few other counterterrorism options. According to the New America Foundation, there were 44 drone attacks in Pakistan over the five-year period preceding Obama's inauguration. Roughly 400 people were killed in those attacks. But since January 2009, the number of drone attacks in Pakistan has risen to nearly 240, while the number of those killed has more than quadrupled. Meanwhile, the number of drone strikes in Yemen has risen as well as the U.S. goes after members of al-Qaida in the Arabian Peninsula, which is an affiliate of the main al-Qaida organization and has been responsible for a number of terrorist plots. However, the administration has opted not to expand the use of drones in Somalia, which is home to the militant group al-Shabab. There is concern that attacking al-Shabab could radicalize the group even further and give it a motivation to attack the U.S. The expansion of the drone program comes as some in Congress, including Sen. Dianne Feinstein (D-Calif.), have expressed concern about problems regarding the oversight of the use of unmanned aircraft. Feinstein said that there should be careful oversight by civilians when drones are used to kill terrorists. No one congressional panel currently has full oversight of the program because of the different agencies that are involved.


Deadly Christmas Blasts Spark Outrage in Nigeria
Wall Street Journal (12/27/11) McGroarty, Patrick

A coordinated series of attacks in Nigeria on Christmas Day has killed roughly 40 people and injured dozens of others. The attacks consisted of four bombings at Christmas church services in the city of Jos, which has often been the scene of violence between Muslim and Christians, and the city of Madalla. Nearly three dozen people were killed in one bombing at a Catholic church in Madalla alone. In addition, four people were killed after a suicide bomber drove into a military base in the town of Damaturu. A spokesman for Boko Haram has said that the Islamist group was behind the attack. The spokesman also noted Boko Haram would continue to attack targets in Nigeria until its prisoners were released, Sharia law was put into place, and the country's constitution was suspended. Although Nigerian President Goodluck Jonathan has condemned the attacks, some have said that his government has not done enough to deal with the threat from Boko Haram and that it has also sent the message that attacks by the group are "one of the burdens" that the country must live with. But a spokesman for Jonathan said that the Nigerian government has made progress in going after Boko Haram by arresting the group's members, carrying out raids on its strongholds, and disrupting its operations.


Debate Persists on Deadly Flu Made Airborne
New York Times (12/27/11) Grady, Denise; McNeil Jr., Donald G.

The United States government continues to ask researchers and publications to redact studies, funded by the National Institutes of Health (NIH), detailing the processes used to make the A(H5N1) flu virus airborne. The redactions were requested on the grounds that terrorists, hostile governments, or unscrupulous researchers could potentially replicate the processes used. While scientists and journal editors commonly reject any form of censorship, those involved say in this case it may be true that their work is too dangerous to share. Other biosecurity experts have gone so far to say the knowledge of how to make the often-lethal A(H5N1) virus easily transmittable from person-to-person is so dangerous that it never should have been attempted in the first place. However, Dutch researchers who ran one of the investigations into the virus say they are only cooperating with the redaction order reluctantly, arguing that their legitimate colleagues need the information, because the mutations that occurred in their lab could also occur in nature. They also argue that flu viruses make impractical bioweapons, because they would likely infect whoever deployed them as well and they cannot be targeted. Still, the Dutch lab has been given additional security precautions since their research has been made public.




Homeland Security Uncovered Anonymous Attack on Public Advocate’s Office
New York Daily News (12/28/11) Blau, Reuven

Homeland Security officials discovered that the Web site of the Public Advocate's Office in New York was hacked over Christmas weekend. The federal Multi-State Information Sharing and Analysis Center notified the city's tech department. "They contacted us to confirm the breach," said Public Advocate spokesman Wiley Norvell. "We picked up on suspicious activities earlier in the weekend." Members of the hacking collective Anonymous were behind the attack, posting stolen data on filebeam.com. Norvell said that the Web site removed the information after the Public Advocate's Office contacted them. The stolen data includes the names and e-mail addresses of 6,700 users who had filled out online forms, such as petitions and complaints related to last year's blizzard. The breach involved a "brute-force attack," which involves checking all possible passwords until the right one is found, then breaking down the firewalls that protect data. Public Advocate staffers are examining the reclaimed files and intend to contact those whose data may have been involved. The New York Police Department's crime squad is also investigating.


Wi-Fi 'Protected Set-Up' Not So Protected After All
CNet (12/28/11) Reardon, Marguerite

The U.S. Computer Emergency Readiness Team (US-CERT) cautioned in late December of a security vulnerability in a popular tool meant to make it easier to add additional devices to a secure Wi-Fi network. The organization cited findings from security researcher Stefan Viehbock, who discovered the security flaw in the Wi-Fi Protected Set-Up (WPS) protocol, which is frequently bundled into Wi-Fi routers. The protocol is designed to allow unsophisticated home users to set up secure networks using WPS encryption without much difficulty. Users are then able to enter a shortened PIN instead of a long pass-phrase when adding a new device to the secure network. That method, however, also makes it much easier for attackers to break into a secure Wi-Fi network, US-CERT says. The security threat could impact millions of consumers, since the WPS protocol is enabled on most Wi-Fi routers currently sold. The fundamental flaw is that the security of the eight-number PIN drops significantly with more attempts to key in the password. When an attempt fails, the hacker can determine if the first four digits of the code are correct. From there he can narrow down the possibilities on the rest of the digits until the code is cracked. Viehbock says a hacker can breach a secure Wi-Fi hotspot in roughly two hours using this method to exploit a flaw. US-CERT said in its warning that there is no known fix to the security weakness. Rather, the group urges users to disable the WPS function on their routers.


'Anonymous' Hackers Target U.S. Security Think Tank
Associated Press (12/27/11)

The hacker group Anonymous reportedly stole the confidential client list of the security think tank Stratfor by hacking the organization's Web site. Anonymous said over the weekend that it was able to obtain more than 4,000 credit card numbers, passwords, and home addresses from the list because the information was not encrypted. The stolen credit card numbers were then used to make donations to a variety of different charities. However, proprietary information about the companies and government agencies that subscribe to Stratfor's newsletters—which includes Apple, the U.S. Air Force, and Miami's police department—does not seem to be at risk. In response to the security breach, Stratfor has hired a identity theft protection and monitoring service to work with those affected by the attack, and suspended its servers and email. In addition, the organization is working with law enforcement officials on the investigation into the breach. Stratfor's Fred Burton says the organization had security measures in place to prevent breaches such as the one Anonymous carried out, but notes that it is "extraordinarily difficult" to protect against attacks carried out by highly-motivated attackers.


Finding the Unique in You to Build a Better Password
New York Times (12/23/11) Perlroth, Nicole

As more users store sensitive data on smartphones, mobile devices could become a target for hackers, prompting technology companies and the U.S. government to rethink the way users log onto their devices. IBM recently predicted that traditional passwords may become a thing of the past. "Biometric data--facial definitions, retinal scans, and voice files--will be composited through software to build your DNA unique online password," IBM says. However, biometric passwords also have security issues. The most serious problem with biometrics is that once a biometric signature has been compromised, it is impossible to replace it, says Imperva researcher Tal Be'ery. This problem has led the U.S. Defense Advanced Research Projects Agency to develop ways to identify device owners and account holders using unique behaviors such as hand gestures and typing styles. Meanwhile, Microsoft recently released a behavioral password system for the Windows 8 operating system. "When the types, ordering, and directionality are all correct, we take a look at how far off each gesture was from the ones we’ve seen before, and decide if it’s close enough to authenticate you," says Microsoft's Zach Pace.


New Zero-Day Vulnerability in Windows 7 64-Bit May Allow Remote Code Execution
IDG News Service (12/21/11) Constantin, Lucian

Microsoft is investigating reports of a zero-day vulnerability in Windows 7 64-bit that results in crashes and could allow attackers to run arbitrary code on affected systems. The security weakness can be exploited by opening a Web page containing a specially crafted iframe using Apple's Safari browser. Secunia researchers believe the crash could be leveraged to carry out malevolent code, and the impact could be more serious due to the kind of crash and nature of the vulnerability, such as crashing when attempting to write to invalid memory in a call to memmove, says Secunia's Carsten Eiram. "Based on this we do consider remote code execution a possibility though it has not been proven at this time," Eiram says. The security weakness stems from an error in the win32k.sys kernel-mode driver, a common source for critical Windows vulnerabilities. The exploit has thus far only been verified on Windows 7 64-bit when parsing an iframe with an overly-long height attribute in Safari. However, researchers do not rule out the possibility that other versions of Windows can be affected via different attack vectors. Eiram says that during testing, Secunia observed no crashes on Windows XP SP3 32-bit nor Windows 7 32-bit, but cannot totally rule out that these could be impacted via different approaches.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

1962 vs. 2012: Tech Predictions from the Last 50 Years

 
IDG Connect
 
Discover Worldwide Business Knowledge
 
gry arrow Disappearing Refrigerators & Smart Devices
gry arrow Portable Screens & Mobile Devices
gry arrow Electronic Learning & Connected Education
 
As we edge closer to 2012, it's the perfect time to look back at technology in years gone by. In a recent news story, we heard that a book (1975: And the Changes to Come) has been unearthed from 1962 which predicted the future of technology. So, 50 years later, how many of these have come to anything? Read our recent blog post to find out what technology innovations we will all be after in 2012.
 
Smart Appliances: Disappearing Refrigerators
One of the predictions made in Arnold B Barach's 1962 book was that kitchen appliances such as refrigerators would save space by rising from the kitchen floor to be used. This hasn't become a popular kitchen design feature, but appliances such as refrigerators are set to become smarter 50 years after this prediction was made. The Internet of things is set to make our communication with everyday objects more interactive - with one concept being refrigerators that know when you're out of milk and which restock themselves. Read this paper to learn more about what the Internet of things could mean for you.
 
Download Now
 
Mobility: Salesmen with Portable Screens
50 years ago, another prediction made by Barach was that by 1975 traveling salesmen would be equipped with portable screens for conducting presentations in people's homes. This isn't far off what we are seeing today, with laptops, tablets and smartphones making our work more mobile than ever. This white paper explains how mobility technology will be leveraged in the field in 2012.
 
Download Now
 
Education: Children Learning with Machines
Another prediction made in 1962 which holds true today is Barach's insight that pupils would be examined and marked on machines. Of course, today there are computers in classrooms all over the world, and technology is making educational institutes run more efficiently than ever - as you can read in this white paper. Get it now and discover four ways the modern technological environment is transforming education.
 
Download Now
 

Kind regards

Kasey Cassells
e-Editor
IDG Connect

P.S: Don't forget to
read our blog post on the hottest technology for 2012.

gry arrow Forward this mailer to a Friend/Colleague
Find us on: Facebook Facebook Twitter Twitter LinkedIn LinkedIn RSS Feed RSS Feed
Subscribe to topical weekly email Roundups from IDG Connect.
If you do not wish to receive any further emails click here
Contact us if you need any assistance or additional information.
 
IDG Connect
IDG Connect's Privacy Policy Copyright ɠ2010. All rights reserved.
IDG Connect, 492 Old Connecticut Path, Framingham, MA 01701.
www.idgconnect.com

The Friday Five

This Week's Top 5 Tech Resources


IT Whitepapers 

IT Whitepapers

Featured White Paper

Security-as-a-Service: Threat mitigation from the cloud
The costs and resources for keeping email accessible and secure are draining IT resources. Learn how to greatly improve security and access by leveraging the expertise and economies of scale of a cloud-based, dedicated service.

Popular Resources Right Now

Retail Re-pricing: Mobile Printing Enables Fast, Efficient Price Changes
Re-pricing products in the store has become a strategic tool that retailers apply to increase traffic and sales. This white paper explains how retailers are profiting from mobile markdown printing and how stores can leverage different printing applications to create more value.

Taneja Group Product Profile: Storage for the Integrated Virtual Infrastructure
This paper examines the features and capabilities of the HP P4000 product family powered by Intel (circle R) Xeon (circle R) processors, and shows how these SAN solutions help businesses to overcome the storage-related growing pains they typically encounter as they deploy and scale out a virtual infrastructure.

Business Phone System Comparison Chart
It would take weeks to evaluate every phone system on the market. Now in one spreadsheet you can see a side-by-side comparison of the top 96. Whether you're a small business, large enterprise or somewhere in between quickly see the differences between brands like Avaya, Mitel, Cisco, ShoreTel, 8x8, Panasonic, 3Com and more.

Cloud computing: Innovative solutions for test environments
This whitepaper features valuable insights pertaining to cloud usage and implementation scenarios for test cloud environments. Includes helpful guidance and scenarios for IT Managers and CIOs alike regarding public, private and hybrid testing clouds.

For daily updates follow ITwhitepapers on Twitter

SUBSCRIPTION SERVICES
You are currently subscribed as security.world@gmail.com. If you do not wish to receive future mailings from IT Whitepapers Online Resources, need to change your email or other preference, please visit:
visit us here.

View IT Whitepapers's online
privacy policy.

Copyright 2011 | IT Whitepapers | 492 Old Connecticut Path | Framingham MA 01701 |
www.itwhitepapers.com
 
 

Network World Outlook 2012: Fabrics, tablets, IPv6 & more

Can you keep your IT staff in 2012? | Enterprise smartphone and tablet incursion to grow in 2012

Network World Daily News AM

Forward this to a Friend >>>


Data center, cloud fabrics all the rage in 2012
There was a considerable amount of activity in the data center/cloud switching fabric arena in 2011. That is expected to continue in 2012, along with real world implementations of the next-generation IT technologies. Read More


WHITE PAPER: CA Technologies

The Changing Role of IT
This white paper analyzes research conducted by IDG Research Services about the changing role of IT: what's driving the change, what skill-sets will be more valued and what should forward-looking IT executives consider as IT shifts increasingly towards an IT supply chain model. Learn More

In this Issue


WHITE PAPER: Quest Software

Separating the Virtualization Hype from Reality
Download this paper today and get an exclusive link to a free desktop virtual assessment! Click on the link at the end of the paper to analyze and report on your current network, user and application usage. Read Now!

Can you keep your IT staff in 2012?
IT staff retention is shaping up to be one of the biggest challenges facing CIOs in 2012. Read More

Enterprise smartphone and tablet incursion to grow in 2012
Workers bringing their own devices to work was one of the biggest challenges IT departments faced in 2011, in 2010 and in 2009 as well. And guess what? It's going to be one of the biggest challenges in 2012 too. Read More

2012: Virtual desktops are all the rage
As budgets are locked in for 2012 it's time to aggressively expand server virtualization, and for those who have been held back by cost, to consider virtual desktops. Read More

IPv6 due for wide deployment in 2012, experts say
This was the year that IPv6 garnered major headlines, but 2012 is expected to be the year when the next-generation Internet protocol gets widely deployed by U.S. carriers and enterprises. Read More

Extreme CEO: New products in 2012, growth in 2013
After years of stagnant or lackluster growth, Extreme Networks tapped Oscar Rodriguez to bring new life to the switch maker in 2010. He scrutinized global operations, streamlined the product line and brought a new focus that he says will really come through this spring with a new wave of switches. Read More


WHITE PAPER: VeriSign

Protecting Your Critical Information Infrastructure
A strategy that assures the availability and reliability of vital resources while protecting them from malicious attacks is at the core of network operations and security. This paper defines four key components of such a strategy, and offers a practical set of guidelines for ensuring its success. Read Now!

Security minefield: 'Bring your own device' will bedevil IT security in 2012
The rapid adoption of the newest mobile devices -- especially the Apple iPhone and iPad and the Google Android-based equivalents -- will be a huge disruptive force in enterprise security next year. Not only will there be pressure to decide how to protect and manage these devices, which are growing as malware targets, the complexity of this task is magnified many times over because companies are allowing employees to use their own personal smartphones and tablets for business purposes -- what's sometime called "bring your own device" (BYOD). Read More

On the company dime: Rogue game server admins tell all
Back in January, Scandinavian gamers hijacked a New Hampshire medical center's server to host "Call of Duty: Black Ops" sessions. When asked about that incident, Stephen Heaslip of the gamer site Blues News told Network World that hackers are not the most likely individuals to commandeer corporate servers for illicit gaming: Such appropriations are more often the work of IT administrators, he said. When asked if he could put us in touch with some of these rogue game server admins, Heaslip posted a call to his readership -- and four volunteers stepped forward. Read More

Look, touch and feel: How your mobile interface will morph in 2012
The mobile user interface is set for a range of changes in the next 12-24 months, creating new modes for users to interact with their devices, and with other devices nearby and network-based services. Read More

Antivirus software sales expected to show strong growth in 2012
The prevalence with which hackers are handing out headaches to IT security pros will have a big upside for vendors in the coming year, according to new figures from Canalys. Read More

For 2012, power-efficient servers could get a shot in the ARM
In 2012 a fundamental change in server architecture could be on tap as companies look to cut data center costs with the help of technologies like ARM processors and graphics chips, analysts said. Read More


WHITE PAPER: Meraki

Integrating the iPad into Enterprise Networks
As a wireless-only device, the Apple iPad puts new requirements on the security, capacity, and manageability of enterprise wireless networks. This technical whitepaper provides best practices for supporting iPads in secure enterprise environments, without training or added staff. Read more.

Cloud activity to explode in 2012
In testing cloud computing services and observing the growth of cloud activities, we've noticed that there are distinct phases that organizations go through in adopting cloud. Read More

Microsoft in 2012: All Eyes on Windows 8
While 2011 was not a breakthrough year for Microsoft products, the company held steady amid criticism regarding its absence from the tablet market, its late arrival to the cloud, and low sales for Windows Phones. Read More

Big Data, analytics get even bigger, hotter in 2012
Every enterprise software vendor will tell you how hot and in-demand their products are, but the notion rings fairly true with respect to BI (business intelligence) and advanced analytics. The products just kept selling throughout the global recession, as companies looked to gain insights into their business and subsequently, more efficiency as well as new ideas. Read More

Apple in 2012: 5 Reasons It Will Be a Tough Year
Apple's extraordinary run over the last few years may begin to show signs of slowing next year--its first year without visionary leader Steve Jobs. Read More

10 Hot IT Jobs for Managers and Executives in 2012
If you had to pick two words to describe how the market for management- and executive- level IT jobs is shaping up for 2012, you might channel Curb Your Enthusiasm star Larry David and say "pretty good. Pri-tay, pri-tay, pri-tay, pri-tay good." Read More



SLIDESHOWS

10 Things We Love and Hate about Ubuntu Oneiric Ocelot 11.10
Ubuntu 11.10 has some jagged edges and documentation isn't easy to locate, but Canonical is certainly dreaming big with this latest update, dubbed Oneiric (dreamy) Ocelot.

GOODIES FROM MICROSOFT SUBNET
Everyone who enters will win free training from Webucator. Grand prize: a SharePoint training class worth $2,375. All who enter will be awarded a self-paced class of their choosing. Enter here: http://www.networkworld.com/community/contests. Enter here.

MOST-READ STORIES

  1. Windows 8 picture password is 'Fisher-Price toy'
  2. Dem PAC buys newtgingrich.com, wallops him with it
  3. DHS sued for Big Bro fake 'friends' monitoring social media
  4. iPad 3 rumor rollup for the week ending Dec. 20
  5. Data center, cloud fabrics to heat up in 2012
  6. 25 useful iPad business apps
  7. IPv6 due for wide deployment in 2012, experts say
  8. Extreme CEO: New products in 2012, growth in 2013
  9. 25 top network and IT industry news stories of 2011
  10. Top security incidents of 2011

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_daily_news_alert as security.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **